Washington: The North Korean government’s desperation for cash is driving a surge in cyber-attacks targeting banks and other businesses in the US and around the world, American officials told CNN.
Thursday’s collapse of the US-North Korea summit in Hanoi, Vietnam, in part because of North Korean demands to remove sanctions, is the latest indicator of how the US-led restrictions are squeezing the North Korean economy and may lead to more attacks, the officials said on Friday.
The North Koreans are using everything from ransomware, which lets hackers seize control of a business important systems and then demand payment in exchange for getting out, to outright electronic bank heists.
Federal Bureau of Investigation (FBI) cyber investigators have identified the North Korean hackers behind a 2016 cyber-attack on Bangladesh’s central bank, the officials told CNN.
The North Koreans infiltrated Bangladesh Bank’s systems with hopes of stealing as much as $1 billion from accounts held at the New York Federal Reserve. The hackers got away with $81 million before the bank transfers were stopped.
John Demers, assistant attorney general for national security at the Justice Department, said the North Koreans have quickly become a major cyber threat in recent years alongside Iran, China and Russia.
But unlike the other countries, which focus more on intelligence operations, the North Koreans focus their energy on cash, he said.
“Straight up cyber bank theft — that’s a significant piece of what they do in cyberspace,” Demers told CNN.
US prosecutors first noticed the sophistication of the North Koreans in the 2014 hack of Sony Pictures Entertainment, in which hackers broke into the company’s systems and began releasing embarrassing internal emails and documents in retaliation for a Sony movie satirising North Korean leaders.
Since then, the increasing effectiveness of sanctions has prompted the North Koreans to turn to cybercrime to steal money.
The Justice Department is using criminal charges to try to thwart the North Koreans — even if there’s little likelihood of arresting the hackers responsible.
In another scheme in 2017, North Korean hackers orchestrated a series of WannaCry 2.0 ransomware attacks that infected computer systems around the world, including those of the British National Health Service, the US, Australia and the UK announced in December 2017.
Despite the US law enforcement actions, the North Korean government has continued its use of cyber-attacks to raise cash, the officials added.
